CVE-2023-53321 — Insufficient Granularity of Access Control in Linux

CWE-1220 — Insufficient Granularity of Access Control5 documents5 sources

Severity

7.1HIGHNVD

EPSS

0.0%

top 97.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedSep 16

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such frames shouldn't be forwarded through wmediumd or similar userspace, so require the full 3-address header to avoid accessing invalid memory if shorter frames are passed in.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages4 packages

▶NVDlinux/linux_kernel5.5 — 5.10.197+4

▶Debianlinux/linux_kernel< 5.10.197-1+3

▶CVEListV5linux/linux05d610af3e71a782fa28a1351b687da982d208ee — 3beb97bed860d95b14ad23578ce8ddaea62023db+6

▶debiandebian/linux< linux 6.1.55-1 (bookworm)

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-g75g-rhj6-fwrr: In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames li↗2025-09-16

▶

OSV

CVE-2023-53321: In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like↗2025-09-16

▶

📋Vendor Advisories

Red Hat

kernel: wifi: mac80211_hwsim: drop short frames↗2025-09-16

▶

Debian

CVE-2023-53321: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: mac80...↗2023

▶